rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-03-01 21:29:18 +01:00
Code Issues Projects Releases Wiki Activity

Cosmetic changes.

Browse Source
This commit is contained in:
Jean Paul Galea 2015-07-17 21:17:29 +02:00
parent be27f62236
commit 38c048b833
1 changed files with 25 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
ykval-verify.php
View File

@ -218,45 +218,51 @@ if ($h != '') {
/* We need to add necessary parameters not available at earlier protocols after signature is computed. /* We need to add necessary parameters not available at earlier protocols after signature is computed.
*/ */
if ($protocol_version<2.0) { if ($protocol_version < 2.0)
/* We need to create a nonce manually here */ {
$nonce = md5(uniqid(rand())); /* We need to create a nonce manually here */
$myLog->log(LOG_INFO, 'protocol version below 2.0. Created nonce ' . $nonce); $nonce = md5(uniqid(rand()));
} $myLog->log(LOG_INFO, 'protocol version below 2.0. Created nonce ' . $nonce);
}
//// Which YK-KSM should we talk to? //// Which YK-KSM should we talk to?
// //
$urls = otp2ksmurls ($otp, $client); $urls = otp2ksmurls ($otp, $client);
if (!is_array($urls)) { if (!is_array($urls))
sendResp(S_BACKEND_ERROR, $myLog, $apiKey); {
sendResp(S_BACKEND_ERROR, $myLog, $apiKey);
} }
//// Decode OTP from input //// Decode OTP from input
// //
$curlopts = array(); $curlopts = array();
if (array_key_exists('__YKVAL_KSM_CURL_OPTS__', $baseParams)) { if (array_key_exists('__YKVAL_KSM_CURL_OPTS__', $baseParams))
$curlopts = $baseParams['__YKVAL_KSM_CURL_OPTS__']; {
$curlopts = $baseParams['__YKVAL_KSM_CURL_OPTS__'];
} }
$otpinfo = KSMdecryptOTP($urls, $myLog, $curlopts); $otpinfo = KSMdecryptOTP($urls, $myLog, $curlopts);
if (!is_array($otpinfo)) { if (!is_array($otpinfo))
sendResp(S_BAD_OTP, $myLog, $apiKey); {
sendResp(S_BAD_OTP, $myLog, $apiKey);
} }
$myLog->log(LOG_DEBUG, "Decrypted OTP:", $otpinfo); $myLog->log(LOG_DEBUG, "Decrypted OTP:", $otpinfo);
//// Get Yubikey from DB //// Get Yubikey from DB
// //
$devId = substr($otp, 0, strlen ($otp) - TOKEN_LEN); $devId = substr($otp, 0, strlen ($otp) - TOKEN_LEN);
$yk_publicname=$devId; $yk_publicname = $devId;
$localParams = $sync->getLocalParams($yk_publicname); $localParams = $sync->getLocalParams($yk_publicname);
if (!$localParams) { if (!$localParams)
$myLog->log(LOG_NOTICE, 'Invalid Yubikey ' . $yk_publicname); {
sendResp(S_BACKEND_ERROR, $myLog, $apiKey); $myLog->log(LOG_NOTICE, 'Invalid Yubikey ' . $yk_publicname);
} sendResp(S_BACKEND_ERROR, $myLog, $apiKey);
}
$myLog->log(LOG_DEBUG, "Auth data:", $localParams); $myLog->log(LOG_DEBUG, "Auth data:", $localParams);
if ($localParams['active'] != 1) { if ($localParams['active'] != 1)
$myLog->log(LOG_NOTICE, 'De-activated Yubikey ' . $devId); {
sendResp(S_BAD_OTP, $myLog, $apiKey); $myLog->log(LOG_NOTICE, 'De-activated Yubikey ' . $devId);
sendResp(S_BAD_OTP, $myLog, $apiKey);
} }
/* Build OTP params */ /* Build OTP params */